| Title: 1.2 - LDAP in a few words |
| NavPrev: 1.1-java-and-ldap.html |
| NavPrevText: 1.1 - Java and LDAP |
| NavUp: 1-introduction.html |
| NavUpText: 1 - Introduction |
| NavNext: 1.3-apache-ldap-api-rational.html |
| NavNextText: 1.3 - The Apache LDAP API rationale |
| Notice: Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| . |
| http://www.apache.org/licenses/LICENSE-2.0 |
| . |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| |
| # 1.2 - LDAP in a few words |
| |
| **LDAP** is not a new technlology. It has been around since the 90's to mitigate complexities inherent in **X.500** usage. Its name refers to **L**ightweight **D**irectory **A**ccess **P**rotocol. Soon after the first standard was issued, the first full *LDAP* server was created and X.500 became obsolete. |
| |
| We'll use the term **LDAP** to represent the protocol and **LDAP server** to represent the server that implements it. |
| |
| ## Features |
| The **LDAP** protocol provides access to entries stored in a **LDAP Server's** database. It provides the mechanism for fast searching and retrieval of entries. Its data structures are hierarchical, and uses a schema to manage the definition of data formats allowed across those entries. |
| |
| An **LDAP** client must first connect to a server and disconnect when finished. Some operations may be performed on the data itself, e.g. searches, modifications and deletions, along with a few others. |
| |
| **LDAP** servers are extensible, but they all use a common protocol providing access to the data in a way that isn't tied to a particular vendor's implementation. |
| |
| ## Characteristics |
| **LDAP** servers are fast for retrievals, having been designed specifically for this purpose. But modifications can be costly. These characteristics must be understood when writing applications that use an **LDAP** server for data storage. |
| |
| Each entry is associated with a location within its corresponding **D**irectory **I**nformation **T**ree, and we use what is known as a **D**istinguished **N**ame (or **Dn**) to describe this address. The base entry is known as the suffix. The suffix along with all entries beneath it are collectively known as the **DIT**. |
| |
| ## Programming |
| |
| **LDAP** is a part of the **IT** landscape and so it's necessary to learn how to deal with it. **LDAP** servers are used to manage authentications, authorizations, demographic information about users and more. It's very likely that you will have to write some code to access data with **LDAP** at some point, and existing **API**s aren't quite up to the task. This **LDAP API** has been designed to simplify usage and ensure proper interaction with the server. |
| |
| ## Going further |
| |
| This was a short introduction, there's more literature about **LDAP** on the web : [Wikipedia](http://en.wikipedia.org/wiki/LDAP) provides a good starting point. |